Solved: Multiple Flaws on ASA -Does ASA 9.12(4)30 exposed to CVE-2020-3187

beverlie · ‎12-24-2021

Hi !

We have identified many flaws (CVE-2020-3187, CVE-2018-0296, CVE-2020-3452, CVE-2020-3580, CVE-2020-3452, CVE-2020-3452..) on our ASA device running version 9.8(2)20. Then we decided to perform an upgrade to a more recent version 9.12(4)30 (according to details provided here https://www.cisco.com/web/software/280775065/152946/ASA-9124-Interim-Release-Notes.html ) which was supposed to be free of any above vulnerabilities. But it seems we are still receiving alert related to these flaws.

I would like to know how I can be sure that ASA version 9.12(4)30 is not exposed to above vulnerabilities? is it any relevant document or portal that I can used to check that information to have assurance.

Thank !

Kasun Bandara · ‎12-24-2021

Hi,

You can refer cisco advisories to find the fixed versions for each vulnerability. for ex. check below link for your first CVE. these documents explains, affected versions and fixed versions.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

View solution in original post

Kasun Bandara · ‎12-24-2021

Hi,

You can refer cisco advisories to find the fixed versions for each vulnerability. for ex. check below link for your first CVE. these documents explains, affected versions and fixed versions.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB